CN115277260B - Method and system for detecting vulnerability of cloud platform of Internet of things - Google Patents


Info

Publication number
CN115277260B
Authority
CN
China
Prior art keywords
mqtt
message
attack
elements
cloud platform
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211186099.XA
Other languages
Chinese (zh)
Other versions
CN115277260A (en
Inventor
罗远哲
李冠蕊
刘瑞景
薛瑞亭
罗晓婷
邓萌萌
徐盼云
赵永莹
何宗林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing China Super Industry Information Security Technology Ltd By Share Ltd
Original Assignee
Beijing China Super Industry Information Security Technology Ltd By Share Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16Y INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y30/00 IoT infrastructure
    • G16Y30/10 Security thereof
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a method and a system for detecting the vulnerability of a cloud platform of the Internet of things, belonging to the field of information security. The method comprises the following steps: constructing an MQTT protocol message space according to each part of the obtained MQTT data message; obtaining all possible arrangements of the values of the parts in the MQTT protocol message space and constructing an input space set; constructing an MQTT message for transmission from each element e and obtaining the corresponding return message r; forming the ordered pairs (e, r) that share the same return message r into a set Ser, and putting the set Ser into a set Spdr; adding each element of the MQTT protocol message space together with its corresponding Spdr to an output set; and thereby determining the attack type and the attack position, realizing communication vulnerability detection from the perspective of the cloud platform.

Description

Method and system for detecting vulnerability of cloud platform of Internet of things
Technical Field
The invention relates to the technical field of information security, in particular to a method and a system for detecting the vulnerability of an Internet of things cloud platform.
Background
Fuzz testing (fuzzing) is a software testing technique. The core idea is to feed automatically or semi-automatically generated random data into a program and to monitor for program exceptions such as crashes and assertion failures, in order to discover possible program errors such as memory leaks. Fuzz testing is often used to detect security vulnerabilities in software or computer systems.
The Internet of Things (IoT) refers to the process of connecting everyday physical objects to the Internet: from common household articles such as light bulbs, to medical assets such as medical devices, to wearable devices, smart devices and even smart cities, all of which can be connected to the Internet.
The Message Queuing Telemetry Transport protocol (MQTT) is currently the mainstream communication protocol in Internet of things systems, and is divided into a message broker and clients. The message broker receives messages from clients and forwards them to the target clients. The transmission of information is governed by topics. When a publisher has data to distribute, it sends a control message carrying the data to a connected message broker through its client, and the broker distributes the data to the clients subscribing to the topic.
The Internet of things cloud intelligent manufacturing management and control platform is divided into three parts, namely Internet of things equipment, a cloud platform and user terminals. The cloud platform serves as a bridge between users and equipment and is a key link of the Internet of things architecture; its core components are the MQTT message broker and a customized firewall. The existing vulnerability detection methods for Internet of things systems start from the equipment end, and no mature and effective vulnerability detection method exists from the angle of the cloud platform. However, problems in the cloud platform's logic for allocating different resources allow an attacker to subscribe to an illegal topic and thereby acquire resources illegally, and problems in the protocol implementation of the cloud communication process can trigger an overflow bug in the cloud platform leading to command execution; an attacker who takes over the cloud platform can control all connected devices and cause large-scale damage.
Disclosure of Invention
The invention aims to provide a method and a system for detecting the vulnerability of an Internet of things cloud platform, which realize communication vulnerability detection from the perspective of the cloud platform.
In order to achieve the purpose, the invention provides the following scheme:
a method for detecting the vulnerability of an Internet of things cloud platform comprises the following steps:
acquiring each fixed length part of the MQTT data message header, the variable length part of the MQTT data message header and the external input part of the MQTT data message from an Internet of things cloud platform according to the MQTT protocol specification;
forming the fixed length parts, the variable length part and the external input part in sequence into a set S expressing the MQTT protocol message space;
recording the set elements of the set S other than the set element p as a set Spc, and performing a Cartesian product over all set elements of Spc pairwise to obtain a set Cartesian, the elements of the set Cartesian being ordered pairs;
taking the set element p as the first operand and each ordered pair of the set Cartesian as the second operand, performing a Cartesian product to obtain a set Sp consisting of ordered pairs;
forming each set element p and its corresponding set Sp into an input space set, wherein the elements of the input space set are the ordered pairs formed by a set element p and its corresponding set Sp;
for each ordered pair element pair in the input space set, splicing the elements of each ordered pair e in the second element of pair in sequence to obtain an MQTT message;
sending the MQTT message corresponding to each ordered pair e to a tcp channel, and obtaining from the tcp channel the returned MQTT message r of each MQTT message;
for each ordered pair element pair in the input space set, forming the ordered pairs e that have the same returned MQTT message r, together with that returned MQTT message r, into a set Ser, and putting the set Ser into a set Spdr; if the number of ordered pair elements in the set Spdr is greater than 1, adding the ordered pair formed by the set element p and the set Spdr to an output set;
and determining the attack type and the attack position according to the output set.
Optionally, the attack types include a first attack type and a second attack type, the first attack type includes a denial of service attack and a buffer overflow type attack, and the second attack type is a logic error type attack.
Optionally, the tcp channel is a tcp connection path established by the internet of things cloud platform using a socket and connected with the MQTT message broker.
The invention also discloses an Internet of things cloud platform vulnerability detection system, which comprises:
an MQTT data message acquisition module, used for acquiring each fixed length part of the MQTT data message header, the variable length part of the MQTT data message header and the external input part of the MQTT data message from the Internet of things cloud platform according to the MQTT protocol specification;
an MQTT protocol message space expression construction module, used for forming the fixed length parts, the variable length part and the external input part in sequence into a set S expressing the MQTT protocol message space;
a first Cartesian product operation module, used for recording the set elements of the set S other than the set element p as a set Spc and performing a Cartesian product over all set elements of Spc pairwise to obtain a set Cartesian, the elements of said set Cartesian being ordered pairs;
a second Cartesian product operation module, used for taking the set element p as the first operand and each ordered pair of the set Cartesian as the second operand and performing a Cartesian product to obtain a set Sp consisting of ordered pairs;
an input space set composition module, used for forming each set element p and its corresponding set Sp into an input space set, wherein the elements of the input space set are the ordered pairs formed by a set element p and its corresponding set Sp;
an MQTT message determination module, used for splicing, for each ordered pair element pair in the input space set, the elements of each ordered pair e in the second element of pair in sequence to obtain an MQTT message;
an MQTT message sending module, used for sending the MQTT message corresponding to each ordered pair e to a tcp channel and obtaining from the tcp channel the returned MQTT message r of each MQTT message;
an output set construction module, used for forming, for each ordered pair element pair in the input space set, the ordered pairs e that have the same returned MQTT message r, together with that returned MQTT message r, into a set Ser, and putting the set Ser into a set Spdr; if the number of ordered pair elements in the set Spdr is greater than 1, adding the ordered pair formed by the set element p and the set Spdr to an output set;
and an attack type and attack position determining module, used for determining the attack type and the attack position according to the output set.
Optionally, the attack types include a first attack type and a second attack type, the first attack type includes a denial of service attack and a buffer overflow type attack, and the second attack type is a logic error type attack.
Optionally, the tcp channel is a tcp connection path established by the internet of things cloud platform using a socket and connected with the MQTT message broker.
According to the specific embodiment provided by the invention, the invention discloses the following technical effects:
the invention discloses a method and a system for detecting the vulnerability of an Internet of things cloud platform which are based on fuzz testing and ordered pairs. An MQTT protocol message space is constructed according to all parts of the MQTT data messages acquired from the Internet of things cloud platform, and the possible arrangements of the values of all parts in the MQTT protocol message space are obtained and classified such that in each class only one part has a changing value while the other part values remain unchanged, giving a new set Sp representing one class and an input space Inputs whose elements are ordered pairs formed by the changed part p and the corresponding Sp. For each ordered pair pair in the input space Inputs and each set Sp in its second element, each element e is taken out, an MQTT message is constructed from it and sent to a tcp channel, and the return message r corresponding to each element e is obtained; the ordered pairs (e, r) with the same return message r are put into a set Spdr, and (p, Spdr) is added to an output set. The attack type and the attack position are determined according to the output set, thereby realizing communication vulnerability detection from the perspective of the cloud platform.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings needed in the embodiments are briefly described below. It is obvious that the drawings in the following description are only some embodiments of the present invention, and that a person skilled in the art can obtain other drawings from them without inventive effort.
FIG. 1 is a schematic flow chart of a vulnerability detection method of an Internet of things cloud platform according to the present invention;
FIG. 2 is a schematic diagram of the principle of the vulnerability detection method of the cloud platform of the Internet of things;
fig. 3 is a schematic structural diagram of a vulnerability detection system of an internet of things cloud platform.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.
The invention aims to provide a method and a system for detecting the vulnerability of an Internet of things cloud platform, which realize communication vulnerability detection from the perspective of the cloud platform.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below.
Fig. 1 is a schematic flow diagram of a method for detecting the vulnerability of an internet of things cloud platform, fig. 2 is a schematic principle diagram of the method for detecting the vulnerability of the internet of things cloud platform, and as shown in fig. 1-2, the method for detecting the vulnerability of the internet of things cloud platform comprises the following steps:
Step 101: acquiring each fixed length part of the MQTT data message header, the variable length part of the MQTT data message header and the external input part of the MQTT data message from the Internet of things cloud platform according to the MQTT protocol specification.
Step 101 specifically includes: first, an MQTT data message is obtained according to the MQTT protocol specification; the correct value range of each part of the message header and a program-given upper bound pmax for the external input are then used. The part formed by the x-th to y-th bits of the message is recorded as a set Px_y, where the fixed length parts comprise P5_8, P4_4, P1_2 and P0_0, and the variable length part comprises P9_l.
Each part of the message header has the following correct value range according to the MQTT protocol:
P5_8 = {n | 1 <= n <= 14}, P4_4 = {n | 0 <= n <= 3}, P1_2 = {n | 0 <= n <= 3}, P0_0 = {n | 0 <= n <= 1}, P9_l = {n | 0 <= n <= 268435455}.
The data part (external input part) of the MQTT data message is recorded as Pl_inf, with Pl_inf = {n | 0 <= n <= pmax}. The upper bound pmax of its range is entered externally by the program: the larger the value, the more precise the detection but the longer it takes; the smaller the value, the coarser the detection but the faster it runs.
Step 102: forming the fixed length parts, the variable length part and the external input part in sequence into a set S expressing the MQTT protocol message space.
The message space expression of the MQTT protocol is S = (P5_8, P4_4, P1_2, P0_0, P9_l, Pl_inf).
To obtain the possible arrangements of the values of all parts of S, they are classified by the condition that in each class only one part has a changing value while the values of the other parts remain unchanged, so as to obtain a new set Sp representing one class and an input space Inputs whose elements are the ordered pairs formed by the changing part p and the corresponding Sp. Each element of the constructed set Sp is a sequence of values, one from the value range of each part of S, taken in the order of the parts in S. This is carried out in steps 103 to 105.
Step 103: recording the set elements of the set S other than the set element p as a set Spc, and performing a Cartesian product over all set elements of Spc pairwise to obtain a set Cartesian, the elements of the set Cartesian being ordered pairs.
The set Cartesian is also written as Cartesian(Spc).
Step 104: taking the set element p as the first operand and each ordered pair of the set Cartesian(Spc) as the second operand, performing a Cartesian product to obtain a set Sp consisting of ordered pairs.
Step 105: forming each set element p and its corresponding set Sp into an input space set Inputs, whose elements are the ordered pairs formed by a set element p and its corresponding set Sp.
As a specific example, let the set S = {A, B, C, D}, with A = {a, b}, B = {c, d}, C = {e, f} and D = {g}.
Each element of the set S is taken as p in turn.
In the first round p = A is taken, and the rest is Spc = {B, C, D}.
The Cartesian product of the elements of {B, C, D} pairwise gives Cartesian(Spc):
Cartesian(Spc) = B × C × D = {c, d} × {e, f} × {g} = {(c, e), (c, f), (d, e), (d, f)} × {g} = {(c, e, g), (c, f, g), (d, e, g), (d, f, g)}. Each of these ordered pairs is then used as a single-element set and taken as the second operand of a Cartesian product with p, p being the first operand to the left of the Cartesian product operator ×. For example, with the first ordered pair (c, e, g), p × {(c, e, g)} = {a, b} × {(c, e, g)} = {(a, c, e, g), (b, c, e, g)} is obtained.
Sp = {p × {y} | y ∈ Cartesian(Spc)}
= {{(a, c, e, g), (b, c, e, g)}, {(a, c, f, g), (b, c, f, g)}, {(a, d, e, g), (b, d, e, g)}, {(a, d, f, g), (b, d, f, g)}}. This is the case p = A; the algorithm is repeated for every p in S and the results are collected into the set Inputs = {(p, Sp) | p ∈ S} = {(p, {p × {y} | y ∈ Cartesian(Spc)}) | p ∈ S}.
Step 106: integrating input spacesinputsEach ordered pair element in (1)pairEach ordered pair of the second element in (1)eAnd splicing the medium elements in sequence to obtain the MQTT message.
Step 107: each ordered pair is combinedeCorresponding MQTT messages are sent to a tcp channel, and the returned MQTT messages of each MQTT message from the tcp channel are obtainedr
the tcp channel is a tcp connection channel which is established by the Internet of things cloud platform through a socket and is connected with the MQTT message broker.
Wherein, step 107 comprises: defining the connection disconnection condition of tcp and MQTT message returned when the tcp is not disconnectedr
Step 108: for input space setinputsEach ordered pair of elements inpairThe MQTT message is returnedrSame ordered paireAnd corresponding returned MQTT messagerForm ordered pairs into collectionsSerAnd will be assembledSerPut into a collectionSpdr(ii) a If setSpdrIf the number of the ordered pair elements in (1) is greater than 1, the elements are collectedpAnd setSpdrComposed ordered pairs are added to an output setOUTPUT
Wherein, step 108 specifically comprises: to pairInputsEach ordered pair ofpairEach set in the second element of (1)SpTake out each element thereofeConstructing an MQTT message, sending the MQTT message to a tcp channel, and detecting the connection disconnection condition of the tcp and the MQTT message returned when the connection is not disconnectedrThe disconnection condition or the return message being the sameeAndrthe constituent ordered pairs are put into a setSerThese setsSerIs thatSpA splitting modeSpdAre added together to form a large aggregateSpdr={(Spd1,r1),(Spd2, r2),...,(Spdn,rn) Get it beforeSpdrThe number of elements of (2) is more than 1, will (p,Spdr) Joining an output setOUTPUT
Step 109: according to output setOUTPUTAnd determining the attack type and the attack position.
The attack types include a first attack typeAtk1And a second attack typeAtk2The first attack type comprises a denial of service attack and a buffer overflow type attack, and the second attack type is a logic error type attack.
For output setsOUTPUTWherein each element is an ordered pair (p,Spdr) The first element p is a vulnerable input point and the second element Spdr is a set of candidate attack vectors.SpdrIs different inrCorresponding to different results ifrIf tcp is disconnected then thisspdBelong toAtk1If, ifrReturning messages for different MQTTsspdBelong toAtk2. The invention helps technicians to followpDetermining which part of the MQTT message is problematic for the cloud platform to process,pthe value of (1) is Px _ y in the step one, the Px _ y represents that the x bit to the y bit of the MQTT message are error points, the Spdr contains different attack vectors on the error points to cause different influences, and the Spdr is provided for developers of the cloud platform to help the developers to analyze problems.
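The set construction of steps 103 to 105, the splicing of step 106 and the grouping and classification of steps 108 and 109 can be carried through in code. The following example is added here and is not the patent's own implementation: the tcp channel to the broker is replaced by a constructed stub broker with two planted defects, the MQTT value ranges are reduced to small constructed subsets, and the reading that a split Spd whose elements all receive the same reply r contributes nothing to Spdr is an assumption made to give the "greater than 1" test of step 108 a concrete meaning.

```python
from itertools import product

DISCONNECT = "TCP_DISCONNECT"   # marker for "the tcp connection was disconnected"

# Constructed toy space, copied from the worked example of steps 103-105.
S_EXAMPLE = {"A": ["a", "b"], "B": ["c", "d"], "C": ["e", "f"], "D": ["g"]}

# Constructed MQTT space: small subsets of the value ranges of the parts
# (P5_8, P4_4, P1_2, P0_0, P9_l, Pl_inf); the real ranges are far larger.
S_MQTT = {"P5_8": [1, 14], "P4_4": [0, 1], "P1_2": [0, 3],
          "P0_0": [0, 1], "P9_l": [0, 321], "Pl_inf": [0, 1]}


def build_inputs(S):
    """Steps 103-105: Inputs = {(p, Sp) | p in S}, Sp = {p x {y} | y in Cartesian(Spc)}.
    Each inner list is one split Spd: only part p varies, the other parts are
    pinned to one tuple y, and the order of the parts follows the order of S."""
    names = list(S)
    inputs = {}
    for p in names:
        spc = [n for n in names if n != p]             # Spc = S without p
        cartesian = product(*(S[n] for n in spc))      # Cartesian(Spc)
        sp = []
        for y in cartesian:
            fixed = dict(zip(spc, y))
            spd = []
            for v in S[p]:                             # p x {y}
                fixed[p] = v
                spd.append(tuple(fixed[n] for n in names))
            sp.append(spd)
        inputs[p] = sp
    return inputs


def splice_message(e):
    """Step 106: splice one tuple (P5_8, P4_4, P1_2, P0_0, P9_l, Pl_inf) into bytes.
    First byte: bits 7-4 packet type, bit 3 DUP, bits 2-1 QoS, bit 0 RETAIN; then
    the MQTT variable-length 'remaining length'; then Pl_inf bytes of payload."""
    ptype, dup, qos, retain, remaining_len, payload_len = e
    first = (ptype << 4) | (dup << 3) | (qos << 1) | retain
    encoded, rl = bytearray(), remaining_len
    while True:
        byte, rl = rl % 128, rl // 128
        encoded.append((byte | 0x80) if rl else byte)  # continuation bit
        if not rl:
            break
    # Remaining length and payload length are varied independently on purpose:
    # their mismatch is one of the arrangements the input space is meant to cover.
    return bytes([first]) + bytes(encoded) + b"\x00" * payload_len


def stub_broker(msg):
    """Constructed stand-in for the tcp channel to the MQTT broker, with two
    planted defects so that the detection has something to report."""
    first = msg[0]
    qos, retain = (first >> 1) & 0x3, first & 0x1
    if qos == 3:                              # reserved QoS value: the toy broker drops the connection
        return DISCONNECT
    return "PUBACK" if retain else "ACK"      # planted logic error keyed on the RETAIN bit


def build_output(inputs, send):
    """Steps 107-108: send every e, group (e, r) by identical reply r into Ser.
    A split whose elements all share one reply is skipped (assumed reading);
    Spdr keeps the reply groups of the splits where varying p alone changed r,
    and (p, Spdr) joins OUTPUT when Spdr holds more than one pair."""
    output = {}
    for p, sp in inputs.items():
        spdr = []
        for spd in sp:
            ser = {}
            for e in spd:
                ser.setdefault(send(e), []).append(e)
            if len(ser) > 1:
                spdr.append({r: tuple(es) for r, es in ser.items()})
        if spdr:
            output[p] = spdr
    return output


def classify(output):
    """Step 109: per error point p (bits x..y of the message), Atk1 when a reply
    is a tcp disconnection (denial of service / buffer overflow class), Atk2 when
    the replies are different MQTT messages (logic error class)."""
    verdict = {}
    for p, spdr in output.items():
        kinds = set()
        for groups in spdr:
            replies = set(groups)
            if DISCONNECT in replies:
                kinds.add("Atk1")
            if len(replies - {DISCONNECT}) > 1:
                kinds.add("Atk2")
        verdict[p] = sorted(kinds)
    return verdict


if __name__ == "__main__":
    verdict = classify(build_output(build_inputs(S_MQTT),
                                    lambda e: stub_broker(splice_message(e))))
    for p, kinds in verdict.items():
        print(f"error point {p}: {kinds}")
```

Against the stub the run reports P1_2 (the QoS bits) as Atk1 and P0_0 (the RETAIN bit) as Atk2, and nothing for the parts the stub ignores.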
Fig. 3 is a schematic structural diagram of a vulnerability detection system of an Internet of things cloud platform; as shown in fig. 3, the vulnerability detection system of the Internet of things cloud platform includes:
a data message part acquisition module 201, used for acquiring each fixed length part of the MQTT data message header, the variable length part of the MQTT data message header and the external input part of the MQTT data message from the Internet of things cloud platform according to the MQTT protocol specification;
an MQTT protocol message space expression building module 202, configured to form the fixed length parts, the variable length part and the external input part in sequence into a set S expressing the MQTT protocol message space;
a first Cartesian product operation module 203, used for recording the set elements of the set S other than the set element p as a set Spc and performing a Cartesian product over all set elements of Spc pairwise to obtain a set Cartesian(Spc), the elements of the set Cartesian(Spc) being ordered pairs;
a second Cartesian product operation module 204, used for taking the set element p as the first operand and each ordered pair of the set Cartesian(Spc) as the second operand and performing a Cartesian product to obtain a set Sp consisting of ordered pairs;
an input space set composition module 205, used for forming each set element p and its corresponding set Sp into an input space set Inputs, whose elements are the ordered pairs formed by a set element p and its corresponding set Sp;
an MQTT message determination module 206, used for splicing, for each ordered pair element pair in the input space set Inputs, the elements of each ordered pair e in the second element of pair in sequence to obtain an MQTT message;
an MQTT message sending module 207, used for sending the MQTT message corresponding to each ordered pair e to a tcp channel and obtaining from the tcp channel the returned MQTT message r of each MQTT message;
an output set construction module 208, used for forming, for each ordered pair element pair in the input space set Inputs, the ordered pairs e that have the same returned MQTT message r, together with that returned MQTT message r, into a set Ser, and putting the set Ser into a set Spdr; if the number of ordered pair elements in the set Spdr is greater than 1, adding the ordered pair formed by the set element p and the set Spdr to an output set OUTPUT;
an attack type and attack position determination module 209, used for determining the attack type and the attack position according to the output set OUTPUT.
The attack types comprise a first attack type and a second attack type; the first attack type comprises denial of service attacks and buffer overflow type attacks, and the second attack type is the logic error type attack.
The tcp channel is a tcp connection established by the Internet of things cloud platform through a socket and connected with the MQTT message broker.
The embodiments in the present description are described in a progressive manner: each embodiment focuses on its differences from the others, and the same or similar parts of the embodiments refer to each other. Since the system disclosed by the embodiment corresponds to the method disclosed by the embodiment, its description is relatively brief, and the relevant points can be found in the description of the method.
The principles and embodiments of the present invention have been described herein using specific examples, which are provided only to help understand the method and the core concept of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, the specific embodiments and the application range may be changed. In view of the above, the present disclosure should not be construed as limiting the invention.

Claims (6)

1. A method for detecting the vulnerability of an Internet of things cloud platform, characterized by comprising the following steps:
acquiring each fixed length part of the MQTT data message header, the variable length part of the MQTT data message header and the external input part of the MQTT data message from an Internet of things cloud platform according to the MQTT protocol specification;
forming the fixed length parts, the variable length part and the external input part in sequence into a set S expressing the MQTT protocol message space;
recording the set elements of the set S other than the set element p as a set Spc, and performing a Cartesian product over all set elements of Spc pairwise to obtain a set Cartesian, the elements of said set Cartesian being ordered pairs;
taking the set element p as the first operand and each ordered pair of the set Cartesian as the second operand, performing a Cartesian product to obtain a set Sp consisting of ordered pairs;
forming each set element p and its corresponding set Sp into an input space set, wherein the elements of the input space set are the ordered pairs formed by a set element p and its corresponding set Sp;
for each ordered pair element pair in the input space set, splicing the elements of each ordered pair e in the second element of pair in sequence to obtain an MQTT message;
sending the MQTT message corresponding to each ordered pair e to a tcp channel, and obtaining from the tcp channel the returned MQTT message r of each MQTT message;
for each ordered pair element pair in the input space set, forming the ordered pairs e that have the same returned MQTT message r, together with that returned MQTT message r, into a set Ser, and putting the set Ser into a set Spdr; if the number of ordered pair elements in the set Spdr is greater than 1, adding the ordered pair formed by the set element p and the set Spdr to an output set;
and determining the attack type and the attack position according to the output set.
2. The method for detecting the vulnerability of the cloud platform of the internet of things according to claim 1, wherein the attack types comprise a first attack type and a second attack type, the first attack type comprises a denial of service attack and a buffer overflow type attack, and the second attack type is a logic error type attack.
3. The method for detecting the vulnerability of the Internet of things cloud platform of claim 1, wherein the tcp channel is a tcp connection path established by the Internet of things cloud platform using a socket and with an MQTT message broker.
4. An Internet of things cloud platform vulnerability detection system, characterized by comprising:
an MQTT data message acquisition module, used for acquiring each fixed length part of the MQTT data message header, the variable length part of the MQTT data message header and the external input part of the MQTT data message from the Internet of things cloud platform according to the MQTT protocol specification;
an MQTT protocol message space expression building module, used for forming the fixed length parts, the variable length part and the external input part in sequence into a set S expressing the MQTT protocol message space;
a first Cartesian product operation module, used for recording the set elements of the set S other than the set element p as a set Spc and performing a Cartesian product over all set elements of Spc pairwise to obtain a set Cartesian, the elements of said set Cartesian being ordered pairs;
a second Cartesian product operation module, used for taking the set element p as the first operand and each ordered pair of the set Cartesian as the second operand and performing a Cartesian product to obtain a set Sp consisting of ordered pairs;
an input space set composition module, used for forming each set element p and its corresponding set Sp into an input space set, wherein the elements of the input space set are the ordered pairs formed by a set element p and its corresponding set Sp;
an MQTT message determination module, used for splicing, for each ordered pair element pair in the input space set, the elements of each ordered pair e in the second element of pair in sequence to obtain an MQTT message;
an MQTT message sending module, used for sending the MQTT message corresponding to each ordered pair e to a tcp channel and obtaining from the tcp channel the returned MQTT message r of each MQTT message;
an output set construction module, used for forming, for each ordered pair element pair in the input space set, the ordered pairs e that have the same returned MQTT message r, together with that returned MQTT message r, into a set Ser, and putting the set Ser into a set Spdr; if the number of ordered pair elements in the set Spdr is greater than 1, adding the ordered pair formed by the set element p and the set Spdr to an output set;
and an attack type and attack position determining module, used for determining the attack type and the attack position according to the output set.
5. The Internet of Things cloud platform vulnerability detection system of claim 4, wherein the attack types comprise a first attack type and a second attack type, the first attack type comprising denial-of-service attacks and buffer-overflow attacks, and the second attack type being logic-error attacks.
6. The Internet of Things cloud platform vulnerability detection system of claim 4, wherein the TCP channel is a TCP connection path established by the Internet of Things cloud platform, using a socket, with the MQTT message broker.
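The module chain of claims 4 to 6 is, in effect, a differential-response probe: build candidate values for the three parts of an MQTT packet, send every combination over a fresh TCP connection, and group the probes by the reply they draw. The following is an added example of that chain, written for this page; it is not the patent's code. Everything concrete in it is an assumption: the candidate CONNECT fields, the simulated broker that stands in for the TCP channel (it applies the MQTT 3.1.1 rules that a conforming broker closes the connection on non-zero CONNECT flag bits and answers an unknown protocol level with CONNACK return code 0x01), the `attribute_position` heuristic and the `classify` mapping onto the two attack types of claim 5, none of which the claims spell out.

```python
"""Differential-response probing of an MQTT broker, following the module chain of
claim 4 (message spaces -> Cartesian products -> splice -> send -> group by reply).
Added example, not the patent's code. The broker below is a constructed stand-in."""
import socket
from collections import defaultdict
from itertools import product

def remaining_length(n: int) -> bytes:
    """MQTT 'Remaining Length' field: 7 data bits per byte, high bit = continuation."""
    out = bytearray()
    while True:
        n, digit = divmod(n, 128)
        out.append(digit | (0x80 if n else 0))
        if not n:
            return bytes(out)

def mqtt_string(s: bytes) -> bytes:
    """MQTT length-prefixed string (2-byte big-endian length)."""
    return len(s).to_bytes(2, "big") + s

# The three message spaces of claim 4, for a CONNECT packet (constructed candidates).
# Fixed part: control byte only; Remaining Length is computed when the message is spliced.
FIXED_SPACE = [bytes([0x10]),   # CONNECT, reserved flag bits zero
               bytes([0x1F])]   # CONNECT with reserved flag bits set (malformed)
VARIABLE_SPACE = [
    mqtt_string(b"MQTT") + bytes([4, 0x02]) + (60).to_bytes(2, "big"),  # level 4 (3.1.1), clean session
    mqtt_string(b"MQTT") + bytes([9, 0x02]) + (60).to_bytes(2, "big"),  # unknown protocol level 9
]
PAYLOAD_SPACE = [mqtt_string(b"client-1"), mqtt_string(b"A" * 300)]  # external-input part: client id
S = [FIXED_SPACE, VARIABLE_SPACE, PAYLOAD_SPACE]

CONNACK_OK = bytes([0x20, 0x02, 0x00, 0x00])
CONNACK_BAD_VERSION = bytes([0x20, 0x02, 0x00, 0x01])
CLOSED = b""  # empty read: the broker dropped the TCP connection

def build_input_space(spaces):
    """For each space p (by index): Spc = the other spaces, Cartesian = product of every two
    of them, Sp = p x Cartesian. Returns {index of p: Sp}, Sp a list of (p_value, (a, b))."""
    input_space = {}
    for i, p in enumerate(spaces):
        spc = [s for j, s in enumerate(spaces) if j != i]
        cartesian = list(product(*spc))
        input_space[i] = [(pv, pair) for pv, pair in product(p, cartesian)]
    return input_space

def splice(i, e):
    """Put (p_value, (a, b)) back into wire order: fixed || remaining length || variable || payload."""
    pv, (a, b) = e
    parts = [a, b]
    parts.insert(i, pv)
    fixed, variable, payload = parts
    return fixed + remaining_length(len(variable) + len(payload)) + variable + payload

def simulated_broker(msg: bytes) -> bytes:
    """Constructed stand-in for the TCP channel. Non-zero CONNECT flag bits -> connection closed;
    unknown protocol level -> CONNACK 0x01; otherwise CONNACK 0x00 (long client id accepted)."""
    if msg[0] & 0x0F:
        return CLOSED
    idx = 1
    while msg[idx] & 0x80:  # skip the Remaining Length bytes
        idx += 1
    idx += 1
    name_len = int.from_bytes(msg[idx:idx + 2], "big")
    if msg[idx + 2 + name_len] != 4:
        return CONNACK_BAD_VERSION
    return CONNACK_OK

def tcp_channel(host, port, timeout=2.0):
    """Real channel as in claim 6: one socket connection per probe so no broker state carries
    over. Returns the raw reply, or b"" when the broker closed the connection or stayed silent."""
    def send(msg):
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(msg)
            try:
                return sock.recv(1024)
            except socket.timeout:
                return b""
    return send

def probe(spaces, channel):
    """Output set of claim 4: {index of p: Spdr}, Spdr mapping each distinct reply r to its Ser
    (the e's that drew r). An entry is kept only when Spdr holds more than one group."""
    output = {}
    for i, sp in build_input_space(spaces).items():
        groups = defaultdict(list)
        for e in sp:
            groups[channel(splice(i, e))].append(e)
        if len(groups) > 1:
            output[i] = dict(groups)
    return output

def attribute_position(output):
    """Assumed heuristic (not spelled out in the patent): p is an attack position when changing
    only the p value, with the other two parts held fixed, changes the reply."""
    positions = set()
    for i, spdr in output.items():
        replies_by_context = defaultdict(set)
        for r, ser in spdr.items():
            for _pv, pair in ser:
                replies_by_context[pair].add(r)
        if any(len(rs) > 1 for rs in replies_by_context.values()):
            positions.add(i)
    return positions

def classify(reply: bytes) -> str:
    """Assumed mapping onto claim 5: a dropped connection or silence points at the first type
    (denial of service / buffer overflow family); a well-formed CONNACK with a non-zero return
    code points at the second type (logic error)."""
    if reply == CLOSED:
        return "first-type"
    if len(reply) >= 4 and reply[:1] == b"\x20" and reply[3] != 0:
        return "second-type"
    return "none"

if __name__ == "__main__":
    out = probe(S, simulated_broker)
    for i in sorted(attribute_position(out)):
        print("position", ["fixed", "variable", "payload"][i],
              {classify(r): len(ser) for r, ser in out[i].items()})
```

Note that with the literal claim-4 test (Spdr has more than one group) every position enters the output set whenever any part of the packet draws a divergent reply, because each Sp contains all combinations of the other two parts; the per-context comparison in `attribute_position` is what isolates the fixed header and variable header here and clears the payload, which the simulated broker accepts in both forms. Against a live broker, swap `simulated_broker` for `tcp_channel(host, port)` and expect one TCP connection per probe.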

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211186099.XA CN115277260B (en) 2022-09-28 2022-09-28 Method and system for detecting vulnerability of cloud platform of Internet of things

Publications (2)

Publication Number Publication Date
CN115277260A CN115277260A (en) 2022-11-01
CN115277260B true CN115277260B (en) 2022-12-30

Family

ID=83756973

Country Status (1)

Country Link
CN (1) CN115277260B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1756190A (en) * 2004-09-30 2006-04-05 北京航空航天大学 Distributed performance data acquisition method
WO2010042979A1 (en) * 2008-10-13 2010-04-22 Swinburne University Of Technology Process and system for assessing network vulnerability
WO2022165599A1 (en) * 2021-02-05 2022-08-11 Mcmaster University Method and system for determining design and segmentation for robust network access security

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Botnet node detection method based on communication similarity; Jin Yuquan et al.; Chinese Journal of Network and Information Security (网络与信息安全学报); 2018-10-15 (No. 10); full text *


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant